package cn.com.lyj6851.sso.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;

@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SsoSecurityConfig extends WebSecurityConfigurerAdapter {


    @Autowired
    private UserDetailsService userDetailsService;

    /*@Bean
    public PasswordEncoder passwordEncoder(){ //这里注入了就可以了
        return PasswordEncoderFactories.createDelegatingPasswordEncoder();
    }*/

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userDetailsService);
               // .passwordEncoder(passwordEncoder());
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
    	http.formLogin().loginPage("/authentication/require")
	        .loginProcessingUrl("/authentication/form")
	        .and().authorizeRequests()
	        .antMatchers("/authentication/require",
	                "/authentication/form",
	                "/**/*.js",
	                "/**/*.css",
	                "/**/*.jpg",
	                "/**/*.png",
	                "/**/*.woff2"
	        )
	        .permitAll()
	        .anyRequest().authenticated()
	        .and()
	        .csrf().disable();
    }
    
}